package cn.kgc.shiro;

import cn.kgc.bean.pojo.CUser;
import cn.kgc.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import java.util.List;

@Service
public class MyRealm extends AuthorizingRealm {
    @Resource
    private UserService userService;

    //自定义授权方法
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("自定义授权方法");
        //获取用户身份信息
        String username = principalCollection.getPrimaryPrincipal().toString();
        //调用业务层获取用户的角色信息（数据库）
        List<String> roleInfo = userService.getUserRoleInfo(username);
        System.out.println("当前用户角色信息="+roleInfo);
        //调用业务层获取用户的角色权限信息（数据库）
        List<String> infoMapper = userService.getUserPermissionInfoMapper(username);
        System.out.println("当前用户角色信息="+infoMapper);
        //1创建对象，封装当前登录用户的角色，权限信息
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //2存储角色
        info.addRoles(roleInfo);
        // info.addObjectPermissions(infoMapper);
        info.addStringPermissions(infoMapper);
        //3返回信息
        return info;
    }

    //配置SecurityManager
    // @Bean
    // public DefaultWebSecurityManager defaultWebSecurityManager(){
    //     //1创建defaultWebSecurityManager对象
    //     DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
    //     //2创建认证对象，并设置认证策略
    //     ModularRealmAuthenticator modularRealmAuthenticator= new ModularRealmAuthenticator();
    //     modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy());
    //     defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator);
    //     //3封装myRealm集合
    //     List<Realm> list = new ArrayList<>();
    //     list.add(myRealm);
    //     list.add(myRealm2);
    //     //4将myRealm存入defaultWebSecurityManager对象
    //     defaultWebSecurityManager.setRealms(list);
    //     //5返回
    //     return defaultWebSecurityManager;
    // }
    //自定义登录认证方法
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //1获取用户身份信息
        String username = authenticationToken.getPrincipal().toString();
        //2调用业务层获取用户信息（数据库）
        CUser user = userService.getUserInfo(username);
        //3非空判断，将数据封装返回
        if(user!=null){
            AuthenticationInfo info  = new SimpleAuthenticationInfo(
                    authenticationToken.getPrincipal(),
                    user.getPassword(),
                    ByteSource.Util.bytes("salt"),
                    authenticationToken.getCredentials().toString()
            );
            return info;
        }
        return null;
    }

}
